Add FreeBSD support

Gemfile

@@ -16,9 +16,12 @@ group :development do
   gem "vagrant-wrapper"
   gem "puppet-blacksmith"
   gem "guard-rake"
+  gem 'listen', '<= 3.0.6', :require => false
 end
 
 group :system_tests do
   gem 'beaker-rspec', :require => false
   gem 'serverspec', :require => false
+  gem 'signet', git: "https://github.com/google/signet.git"
+  gem 'specinfra'
 end

manifests/init.pp

@@ -38,11 +38,14 @@
 # Copyright 2015 Arnoud de Jonge
 #
 class sudo (
-  $sudoers         = {},
-  $manage_sudoersd = false,
-  $manage_package  = true,
-  $sudoers_file    = ''
-) {
+  $sudoers           = {},
+  $manage_sudoersd   = false,
+  $manage_package    = true,
+  $sudoers_file      = '',
+  $root_group        = $::sudo::params::root_group,
+  $sudoers_directory = $::sudo::params::sudoers_directory,
+  $sudoers_file_path = $::sudo::params::sudoers_file_path,
+) inherits sudo::params {
 
   create_resources('sudo::sudoers', $sudoers)
 
@@ -52,18 +55,18 @@
     }
   }
 
-  file { '/etc/sudoers.d':
+  file { $sudoers_directory:
     ensure  => directory,
     owner   => 'root',
-    group   => 'root',
+    group   => $root_group,
     mode    => '0750',
     purge   => $manage_sudoersd,
     recurse => $manage_sudoersd,
     force   => $manage_sudoersd,
   }
 
   if $sudoers_file =~ /^puppet:\/\// {
-    file { '/etc/sudoers':
+    file { $sudoers_file_path:
       ensure => file,
       owner  => 'root',
       group  => 'root',

manifests/params.pp

@@ -0,0 +1,23 @@
+# == Class: sudo::params
+#
+#
+class sudo::params
+{
+
+  case $::osfamily {
+    'FreeBSD': {
+      $root_group        = 'wheel'
+      $sudoers_directory = '/usr/local/etc/sudoers.d'
+      $sudoers_file_path = '/usr/local/etc/sudoers'
+      $validate_cmd      = '/usr/local/sbin/visudo -c -f %'
+    }
+    default: {
+      $root_group        = 'root'
+      $sudoers_directory = '/etc/sudoers.d'
+      $sudoers_file_path = '/etc/sudoers'
+      $validate_cmd      = '/usr/sbin/visudo -c -f %'
+    }
+  }
+
+
+}

manifests/sudoers.pp

@@ -68,13 +68,21 @@
   $runas    = ['root'],
   $tags     = [],
   $defaults = [],
+  $sudoers_directory = $::sudo::params::sudoers_directory,
+  $validate_cmd      = $::sudo::params::visudo_path,
+  $root_group        = $::sudo::params::root_group,
 ) {
 
+  # The base class must be included first because it is used by parameter defaults
+  if ! defined(Class['sudo']) {
+    fail('You must include the sudo base class before using any sudo::sudoers defined resources. Add `include ::sudo:` to your manifest')
+  }
+
   # filename as per the manual or aliases as per the sudoer spec must not
   # contain dots.
   # As having dots in a username is legit, let's fudge
   $sane_name = regsubst($name, '\.', '_', 'G')
-  $sudoers_user_file = "/etc/sudoers.d/${sane_name}"
+  $sudoers_user_file = "${sudoers_directory}/${sane_name}"
 
   if $sane_name !~ /^[A-Za-z][A-Za-z0-9_]*$/ {
     fail "Will not create sudoers file \"${sudoers_user_file}\" (for user \"${name}\") should consist of letters numbers or underscores."
@@ -88,7 +96,7 @@
     file { $sudoers_user_file:
       content => template('sudo/sudoers.erb'),
       owner   => 'root',
-      group   => 'root',
+      group   => $root_group,
       mode    => '0440',
     }
     if versioncmp($::puppetversion, '3.5') >= 0 {

spec/acceptance/class_spec.rb

@@ -13,7 +13,13 @@ class { 'sudo': }
       apply_manifest(pp, :catch_changes  => true)
     end
 
-    describe file('/etc/sudoers.d/') do
+    if fact('osfamily') =~ /freebsd/i
+      @folder_dir = '/usr/local/etc/sudoers.d'
+    else
+      @folder_dir = '/etc/sudoers.d/'
+    end
+
+    describe file(@folder_dir) do
       it { should be_mode 750 }
       it { should be_owned_by 'root' }
     end

spec/acceptance/creating_a_sudoers_file.rb

@@ -0,0 +1,45 @@
+require 'spec_helper_acceptance'
+
+describe 'sudo::sudoers' do
+
+  context 'creating a sudoers file' do
+    it 'should work idempotently with no errors' do
+      pp = <<-EOS
+      group { 'janedoe':
+        ensure => present;
+      }
+      ->
+      user { 'janedoe' :
+        gid => 'janedoe',
+        home => '/home/janedoe',
+        shell => '/bin/sh',
+        managehome => true,
+        membership => minimum,
+      }
+      ->
+      class {'::sudo':}
+      ->
+      sudo::sudoers { 'Jane_Hello_World_Sudo':
+        ensure  => 'present',
+        comment => 'Allow Jane to Sudo Hello World',
+        users   => ['janedoe'],
+        runas   => ['root'],
+        tags    => ['NOPASSWD'],
+        cmnds   => ['/bin/echo Hello World'],
+      }
+      EOS
+
+      # Run it twice and test for idempotency
+      apply_manifest(pp, :catch_failures => true)
+      apply_manifest(pp, :catch_changes  => true)
+    end
+
+    describe command("su - janedoe -c 'sudo echo Hello World'") do
+      its(:stdout) { should match /Hello World/ }
+    end
+
+    describe command("su - janedoe -c 'sudo echo I cant do this'") do
+      its(:stderr) { should match /no tty present and no askpass program specified/ }
+    end
+  end
+end

spec/acceptance/nodesets/freebsd-10-x64.yml

@@ -0,0 +1,11 @@
+HOSTS:
+  freebsd-10-x64:
+    roles:
+      - master
+    platform: freebsd-10-x64
+    box : petems/freebsd-101-w_rsync
+    box_url : https://atlas.hashicorp.com/petems/boxes/freebsd-101-w_rsync
+    hypervisor : vagrant
+CONFIG:
+  log_level: verbose
+  type: foss

spec/spec_helper_acceptance.rb

@@ -1,9 +1,14 @@
-require 'beaker-rspec/spec_helper'
-require 'beaker-rspec/helpers/serverspec'
+require 'beaker-rspec'
 
 hosts.each do |host|
   # Install Puppet
-  install_puppet
+  if host['platform'] =~ /freebsd/
+    # Beaker tries to install sysutils/puppet
+    # It's now been renamed to sysutils/puppet38
+    host.install_package('sysutils/puppet38')
+  else
+    install_puppet
+  end
 end
 
 RSpec.configure do |c|